2012-04-07

Mac users worldwide are at risk to be infected with a new variant of FlashbackTrojan virus.

The latest findings from Dr. Web, a Russian antivirus company, show that a new variant of Flashback Trojan is in festive ambiance after it successfully infected more than 500,000 Macs, possibly reaching 600,000 with 274 bots most likely getting into the Apple headquarters in Cupertino, CA.

Flashback Trojan also known as Mac Trojan horse has been obvious in the market since 2011. They disguised as installer for Adobe Flash relying on user’s intervention to penetrate Mac computers.

When this Trojan variant was uncovered last year by security firm Intego, people were already warned and likewise given with a fix. However, the makers of Flashback Trojan have another feather on their cap. This time they no longer need a user involvement to access a Mac computer.

Flashback Trojan is back. They changed tactics - and this time, they just need a user to visit a malicious website in order to spread the “infection”. Flashback Trojan infects a Mac computer by just a mere visit. No more simulation of an installer, a Mac software update or a Java updater.

The newest variant named as OSX/Flashback.K by F-Secure security researchers, no longer need an administrator’s password. This new Flashback Trojan is able to penetrate any Mac computer without any hint from the owner. The weakness is found in Java SE6 identified as CVE-2012-0507.

The sad part is, no cure is currently up for grabs for this new malware on the Mac. For this, Apple has been put in a bad light. However, knowing the company’s stand on rolling updates, even their corner office can share a remedy.

If the makers of Flashback Trojan have a never-say-die attitude, Mac users have their never-surrender lyrics - to sing - while disabling Java, and knowing how trustworthy the websites they are visiting. In general, the best immediate remedy for this new type of malware is…common sense!